Hi Roberto,
On Fri, 2021-07-30 at 13:16 +0000, Roberto Sassu wrote:
From: Mimi Zohar [mailto:zohar@linux.ibm.com] Sent: Friday, July 30, 2021 2:40 PM
"critical data", in this context, should probably be used for verifying the in memory file digests and other state information haven't been compromised.
Actually, this is what we are doing currently. To keep the implementation simple, once the file or the buffer are uploaded to the kernel, they will not be modified, just accessed through the indexes.
My main concern about digest lists is their integrity, from loading the digest lists to their being stored in memory. A while back, there was some work on defining a write once memory allocator. I don't recall whatever happened to it. This would be a perfect usecase for that memory allocator.
thanks,
Mimi